Back to PkgExim4

1. Debian Exim4 User FAQ

This is work in progress, so it is probably not yet very helpful.

?TableOfContents


1.1. Questions not categorized yet

1.1.1. How do I re-execute the debconf-driven configuration?


1.1.2. When I try to deliver a message via SMTP to my Exim, I get "550 relay not permitted"

Answer not yet fleshed out.


1.1.3. my exim cannot connect to the outside

Answer not yet fleshed out.

It might be possible that your ISP blocks outgoing connections to port TCP/25 of external hosts. This prevents computers on the ISP network from directly sending out e-mail. Many ISPs do this as a security precaution because compromised computers (called "Zombies") are frequently used to send out Spam.

Possible solutions:


1.1.4. my exim cannot be connected to from the outside

Answer not yet fleshed out.

It might be possible that your ISP blocks incoming connections to port TCP/25 of their customer's machines. This prevents computers on the ISP network from directly receiving e-mail. Many ISPs do this as a security precaution because misconfigured SMTP servers can be an open relay and thus be abused to send out Spam.

If you want to run a MX server on such a connection, you're out of luck. It is not possible to use a different port for MX servers since the Internet Standards don't offer the possibility to tell delivering hosts to try delivery on a different port.

If you want to run a smarthost on such a connection, it might be a solution to configure exim to listen on port TCP/587 additionally. Please note that the Internet standards demand that you only accept e-mail after authentication if the connection is made to TCP/587. Otherwise, you might open yourself to receiving and sending Spam.


1.1.5. How do I configure exim to use a different port to receive mail


1.1.6. How do I configure exim to use a different port to send mail


1.1.7. I am trying to have exim forward mail to some internal hosts, but all I am getting is "all relevant MX records point to non-existent hosts"

A probeble cause for this might be that all MX records for the offending domain point to site local or link local IP addresses, which are ignored by the dnslookup router to protect from misconfigured external domains. The default configuration has relaxed checking for domains that the local system is configured to allow relaying to, so adding the offending domain to dc_relay_domains will most probably help.

Please note that no domain on the public Internet should have MX records pointing to site local or link local IP addresses, so you might check your externally visible MX records.

If this doesn't help, try analyzing the output of exim -d -bt some.local.part@the.offending.domain.example

[http://www.exim.org/eximwiki/FAQ/Routing_to_remote_hosts/Q0302 Upstream Exim FAQ Q0302] might help as well.


1.1.8. I get the error "Mailing to remote domains not supported". I don't have a FQDN on this machine and just want it to send notifications by email (to outside domains) via various scripts. Can exim do this? How?

Not yet answered.


1.1.9. What do "lowest numbered MX record points to local host" or "remote host address is the local host" mean?

This is covered in [http://www.exim.org/eximwiki/FAQ/Routing_to_remote_hosts/Q0301 Upstream Exim FAQ Q0301.] The Debian default configuration has the hubbed_hosts router mentioned there already defined. Its configuration file is /etc/exim4/hubbed_hosts, and some documentation can be found in /etc/exim4/conf.d/router/150_exim4-config_hubbed_hosts.


1.1.10. What do the "DEBCONFfooDEBCONF" macros in the Debian configuration do?

When the Exim daemon is started, the dpkg-conffiles in /etc/exim4 are post-processed to the result /var/lib/exim4/config.autogenerated, which is the configuration file that Exim reads. In this post-processing step, done by update-exim4.conf, the DEBCONFfooDEBCONF strings are replaced with values pulled from /etc/exim4/update-exim4.conf.conf and system configuration.

Please note that the string DEBCONF is kind of a misnomer since the strings are _not_ directly pulled from the Debconf database, but from user-editable conffiles instead. This is a common misunderstanding.

For more information, read the update-exim4.conf man page.


1.1.11. I am experiencing timeout issues with TLS connections

Answer not yet fleshed out.

1.1.12. Why does my exim HELO as localhost.localdomain

Answer not yet fleshed out.

I tried all of the above (on Etch testing) and none of it helped, in particular, hostname -f was still returning localhost.localdomain. What I did find is that it was being fooled by the settings in /etc/hosts which contained the lines:

127.0.0.1 localhost.localdomain localhost myrealhostname
<myip> myrealhostanme myrealhostname.example.com

I changed it to (which is how Sarge is configured by default):

127.0.0.1 localhost
<myip> myrealhostname.example.com myrealhostname

and now both hostname -f and my HELO string deliver the proper FQDN.


1.1.13. How do I configure a catch-all?

Answer not yet fleshed out.


1.1.14. Exim stops delivery after ten messages are received

Answer not yet fleshed out.


1.1.15. How can I debug SMTP AUTH and/or other SMTP aspects


1.1.16. I have configured exim with help of a non-Debian HOWTO. It doesn't work.

Unfortunately, a lot of third-party documentation has been written by people who do not fully understand how things work. They might have been successful in solving the issue at their hands, but challenges are so different that it is extremely improbable that the solution will hold in other situations.

It is thus adviseable to take third-party HOWTOs with extreme caution and use them only as input for a local solution. Taking a third-party configuration snippet verbatim is like asking for extreme trouble.

In this FAQ entry, we'll link to third-party HOWTO documents and comment about what we think about their contents.


1.1.17. How can I create a blacklist to deny specific hosts / ip addresses?

I know little, just made it work with the monolithic file that supports debconf.

~$ less /etc/exim4/exim4.conf.template shows the file that debian exim4 constructs a config file from. Search '/' for "acl_check_rcpt" (Second occurance) to find the sequence of rules which are pretty comprehensive. exim4.conf.template recommends viewing /usr/share/doc/exim4-config/default_acl

To make a local blacklist create a file called /etc/exim4/local_host_blacklist. List your least favourite hostnames, IP addresses, or networks in CIDR format.

To use an IP blacklist service, edit /etc/exim4/update-exim4.conf.conf to include an entry like CHECK_RCPT_IP_DNSBLS=ipblacklist.foo.bar/$sender_address_domain

Same again for a DNS blacklist, over two lines this time CHECK_RCPT_DOMAIN_DNSBLS=dnsblacklist1.foo.bar/$sender_address_domain : \ dnsblacklist2.foo.bar/$sender_address_domain

CHECK_RCPT_LOCAL_ACL_FILE is provided as a hook for a custom access list. If you want to go that far you're a braver hacker than I. Let us know how you get on.

I don't know about non-debian exim4. From what I've seen, there seems to be encouragement out there to add a few lines to your exim4.conf file now and again. I've heard legends about how your exim conf file can get spectacularly out of control, but don't want to find out for myself.


1.1.18. How can I integrate content scanning at SMPT time with Exiscan?


Back to PkgExim4